Health Monitoring
FSSMP proactively monitors the “health” of your Forefront agent systems, by looking at events in the 7000-7999 range. Events are logged when transitions occur from one state to another. Health is indicated by a color code:
Green (success) – everything is functioning properly and performing well.
Yellow (warning) – performance is poor or a problem is impairing non-critical functionality.
Red (error) – critical functionality has been lost and alerts will be generated.
Problem Types
These are the various types of problems that FSSMP keeps track of for you.
Engines
These are the monitored engine problems.
| Monitored Event | Success (green) | Warning (yellow) | Error (red) |
|---|---|---|---|
Engine updates enabled |
The engines selected in the client are those enabled for updates. |
The engines selected in the client are not those enabled in the updates. |
Not applicable. |
Engine updates successful |
All engines enabled for updates were successfully updated. |
At least 50% of the engines enabled for updates were successfully updated. |
Less than 50% of the engines enabled for updates were successfully updated. |
Last engine update |
All engines were updated in the last week. |
Some of the engines were not updated in the last week. |
No engines were updated in the last week. |
Engines selected for the Transport Scan Job have been initialized |
Not applicable. |
Not applicable. |
No engines are initialized. |
Transport and Realtime Scan Jobs (separate events for each)
These are the monitored transport and realtime scan job problems.
| Monitored Event | Success (green) | Warning (yellow) | Error (red) |
|---|---|---|---|
Scan job enabled |
The scan job was enabled from both Operate/Run Job and from General Options. |
The scan job was enabled in only one of the areas. |
The scan job was not enabled in either area. |
Scan process state |
The scanning processes are running. |
A scanning process timed out or had an exception and did not restart. |
No scanning processes restarted after a timeout or exception. |
Scanning statistics (Transport and Mailbox) |
Less than 50% of all messages received in the last hour were infected. |
Not applicable. |
At least 50% of all messages received in the last hour were infected. This is considered to be a virus outbreak. |
Services
These are the monitored services problems.
| Monitored Event | Success (green) | Warning (yellow) | Error (red) |
|---|---|---|---|
Transport connected |
The edge transport service is running and the Forefront agent is registered with FSCController. |
Not applicable. |
The edge transport service is running, but the Forefront agent is not registered with FSCController. |
Mailbox connected |
The Exchange Information Store is running and the Forefront VSAPI library is registered with FSSController. |
Not applicable. |
The Exchange Information Store is running, but the Forefront VSAPI library is not registered with FSSController |
FSC monitor |
FSC monitor is running. |
Not applicable. |
FSC monitor is not running. |
License
These are the monitored license problems.
| Monitored Event | Success (green) | Warning (yellow) | Error (red) |
|---|---|---|---|
License state |
Forefront license is enabled. |
Forefront license is in the evaluation, beta, or grace period. |
Forefront license has expired. |